From 1d1a46aa9e16de851c88e76b033e1a1aa00e8c2c Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Sun, 25 Aug 2013 18:44:45 +0200
Subject: make it easier to override behaviour of the dns rules

---
 manifests/rules/dns.pp | 20 ++++----------------
 1 file changed, 4 insertions(+), 16 deletions(-)

(limited to 'manifests/rules/dns.pp')

diff --git a/manifests/rules/dns.pp b/manifests/rules/dns.pp
index 99311ca..e775eee 100644
--- a/manifests/rules/dns.pp
+++ b/manifests/rules/dns.pp
@@ -1,18 +1,6 @@
+# open dns port
 class shorewall::rules::dns {
-    shorewall::rule {
-        'net-me-tcp_dns':
-                        source          =>      'net',
-                        destination     =>      '$FW',
-                        proto           =>      'tcp',
-                        destinationport =>      '53',
-                        order           =>      240,
-                        action          =>      'ACCEPT';
-        'net-me-udp_dns':
-                        source          =>      'net',
-                        destination     =>      '$FW',
-                        proto           =>      'udp',
-                        destinationport =>      '53',
-                        order           =>      240,
-                        action          =>      'ACCEPT';
-    }
+  shorewall::rules::dns_rules{
+    'net':
+  }
 }
-- 
cgit v1.2.3